The Privacy Sandbox is Google’s proposed solution for marketers reacting to the announcement that third-party cookies in Google Chrome are set to become obsolete.
However, there are a number of different proposals and solutions being built in the Privacy Sandbox, all in varying stages of development. The Federated Learning of Cohorts (FLoC), the proposal with the most publicity and commentary to date, is one such proposal.
What is FLoC and how could it affect privacy concerns moving forward?
Goal
To place relevant ads on a site; all advertising is personalized and based upon general information about the interests of the user.
Traditional “Pre-Privacy” Solution
Personalized (“relevant”) ads for users today are displayed using third-party cookies. An advertising network is able to associate pages/domains that are collected with an associated ID as a user navigates across the web. This mass collection of the ID (stored in a third-party cookie) along with the page context allows the network to develop a profile of the user and then place them into interest categories (users in the market for athletic shoes, dog lovers, etc.).
Advertisers then have a particular ad and define the audience profile to whom that ad should be shown. The ad network is then able to use the profiles of users they have created and match those against the audience profile parameters that advertisers have defined. They can match up those “relevant ads” and show them to the profiles (cookie IDs) they deem them relevant. The ad serving here is also accomplished via the third-party cookie ID.
What Happens When Third-Party Cookies Are Deprecated?
Without third-party cookies, there is no technical mechanism via which to set a unique identifier on the user’s device (meaning there is no cross-site browsing data for purposes of profile creation). Without the ability to create these profiles, there is no way to display personalized “relevant” ads outside of one-to-one direct relationships with single publishers that maintain their own first-party cookie repositories (and profiles).
Beyond profile building, without a third-party cookie there is no way to target and display a specific ad to a specific user (profile) across the web.
The FLoC proposal is a technical mechanism that displays relevant ads to interest-based audiences despite the elimination of third-party cookies.
How the “Post-Privacy” Solution Works
Browsing data (page URLs, page metadata, etc.) is not passed with a unique identifier to advertising platforms. Instead, the browser collects encrypted information about the pages a user accesses locally. Using machine learning within the browser, it then places the user/device in an interest cohort based upon the observed browsing history. Anonymity is maintained as the browser ensures there are a limited number of cohorts and each includes thousands of users.
Instead of making a unique identifier (such as a third-party cookie value) available to advertising platforms for the user/device, the cohort ID is made available. This allows ads to be targeted based upon cohorts and measurement to happen based upon cohorts for campaign optimization. From a first-party data collection perspective, you could also collect the cohort ID for users of your site(s) in order to better identify who is your most relevant and valuable audience.
Current Status of the “Post-Privacy” Solution
Google ran simulations based upon the principles defined in the FLoC proposal. A January 25, 2021 announcement stated that “tests of FLoC to reach in-market and affinity Google audiences show that advertisers can expect to see at least 95% of the conversions per dollar spent when compared to cookie-based advertising.” It is important to keep in mind that this first round of tests were Google simulations and not public on the open web. Chrome made FLoC-based cohorts available for public testing through an origin trial with the release of Chrome 89 on March 9, 2021. With this release, the application programming interface (API) now allows working with these interest-based cohorts.
Relevant Privacy Regulatory Considerations
Accessing a user’s cohort still requires accessing the user’s device. It is reasonable to assume that the consent requirements for EU users would still be in effect under country-specific legislation as directed by the ePrivacy directives. It is unclear if the behavior of the browser itself running this kind of profiling will be deemed permissible by data protection authorities across Europe and the rest of the globe. Due to this concern, Google is holding off on opening testing of FLoC in Europe while privacy questions are addressed.
What an Advertiser Can Do Today to Prepare
Begin collecting the cohorts of users in analytics. Using this information, you can begin testing and assessing conversion rates, as well as begin modeling for audience creation based upon cohorts. This will be a future strategy for audience creation and targeting.
